UPDATES (November 11th, 2018)

A year-end update is coming, it will detail how nothing has really changed, nothing has been debunked by opponents, how, if anything, corroborating evidence has been discovered to support earlier suspicions about Guccifer 2.0's behavior and that recent attacks from certain parties and individuals ultimately make no difference to the evidence and findings of researchers (because in most cases these weren't even tackled by detractors and opponents and because objections raised have primarily been based on supposition or irrelevant character attacks rather than being based on relevant evidence).

Opponents can screech "bogus study" and "debunked" about Forensicator's research all they like, but they're far from demonstrating themselves to be capable of anything more than being smear merchants and con-artists.

I'll also be explaining why I'm convinced that Mueller's indictment, is, at best, based on flawed or possibly misappropriated intelligence as well as what my plans are going into 2019.

Other articles are planned (about disinformation, manufactured outrage, online influence operations, etc) but these are in early stages and might not be out for a few weeks yet.

Part Three of the series rebutting Duncan Campbell's smears and the hit-piece published by ComputerWeekly has been published. It covers the propagation and promotion of Campbell's efforts, highlights lies and smears propagated by journalists and paid propagandists and calls out ComputerWeekly's editor in chief over editorial incompetence, irresponsibility and the betrayal of trust of his publication's readers.

Just to make sure I was fairer to them than they were to me, TechDirt and Defense One were allowed to see a preview of the respective rebuttals and invited to point out inaccuracies or anything unfair in my responses. Neither replied and neither they nor Duncan Campbell responded when asked for comment on each having promoted conspiracy theories that are now debunked.

While there is now plenty of information published that discredits and debunks the smears that associates and I have been subjected to, some evidence has deliberately been held in reserve in anticipation of the attacks being sustained or extended in future.

Getting back on track, I'm hoping the next update is going to be a constructive one with some new information on Guccifer 2.0.

Recently, Forensicator published "The Campbell Conspiracy", an article that debunks key aspects of the conspiracy theory Duncan Campbell has constructed as part of a hit piece targeting several individuals (and that was published by ComputerWeekly at the end of July).

The final part of my series responding to Campbell's character assassination attempts (and to those that contributed to and amplified his efforts) will be published soon along with two additional articles challenging what was published by TechDirt and DefenseOne at the beginning of August (which echoed Campbell's conspiracy theories and smears without fact checking).

Hopefully, with this out the way (assuming detractors have finished their reputation-kamikaze missions), I can get back to investigating and reporting on things that are actually worthy of public attention soon.

Updates from August 18th, 2018

The past month has been quite distracting, so let's catch up with what I've missed:

A tweet from August 12th was incorrectly listed as August 13th in the corpus, this has been corrected.

A DM from Guccifer 2.0 to Roger Stone on August 17th was corrected in the corpus to change "and i think gonna read ur books" to "and i think i gonna read ur books" (I had missed out an "i" between "think" and "gonna")

Obviously, these corrections don't really change anything but have been made for sake of accuracy.

Defianet Resurrection

I'm looking at resurrecting Defianet. For this project, I'm looking at collating studies on propaganda, deception, social media manipulation, censorship, smear-campaigns and ways that we can identify, detect and combat each.

If you have anything that you think would be a useful contribution to this (whether your own work or that of third parties) - please contact me by email or Twitter DMs.

The purpose of this isn't to identify who the propagandists are by name but to identify the tools, techniques, tactics and forms of disinformation/propaganda/etc they employ so that propagandists can be recognized by their actions and behavior no matter what name or origins they have.

I'm also interested in identifying which independent media outlets face undeserved suppression and censorship on social media as this seems to be an increasingly concerning issue for many of us..

This was followed by a group of writers I had previously criticized for spin/strawman attacks(eg.Karl Bode, Raffi Khatchadorian, etc) and a handful of reputation managers from the ShareBluie and Atlantic Council nexuses (RVAWonk, TrickFreee, PropOrNot, etc) - all trying to opportunistically attack on the back of Campbell's festival of smears.

Foolishly and thankfully, many of these individuals have given me examples of spin, distortion, lies and manipulation that will be handy for an article on identifying propaganda by form, something I plan to write once the current series is complete.

I did try to convince ComputerWeekly to salvage Campbell's reputation and gave them fair (and polite) cautionary advice to check details with third parties ahead of publication and it doesn't seem they followed up on this. I will be publishing all of the relevant communications on the d3f.uk site so that the public can see this and my communications with Bryan Glick (with more to be sent over the next 48 hours) may even do a better job of debunking the hit-piece than my Part Two article above as it's an itemized refutation of all of the bilge and speculative crap they've published and presented to their readers as though it were fact.

This whole saga shows, unfortunately, how journalists with considerable mental acuity can still burn their own reputations by emotionally investing in idiotic conspiracy theories to such a degree they'll try to attack those that bring attention to evidence contradicting those conspiracy theories, will accuse their targets of holding ridiculous conspiracy theories (often distorting to make these assertions), start screeching "pro-Kremlin" incessantly and even try to present the most tenuous of assocations as though it's evidence of affiliation and ideological compatability in order to make a convoluted insinuation that their target is antisemitic.

It's disappointing to witness such journalistic moral decline, it's sad to see what depths Duncan Campbell has sunk to.

Alternate Guccifer 2.0 Attribution Theories

While discovering efforts to deceive the public over DCLeaks has me personally inclined to disbelieve much of what comes from Mark Dougan, it seems there are some parallels in behavior of Guccifer 2.0 and BadVolf. Dougan has been asked about this by a third party directly and his response is interesting (though, seems to somewhat play to the suspicions of the inquisitor).

Unfortunately, having to defend myself has kept me preoccupied but this is something I intend to cover (along with taking a look at other suspicions and theories that have been presented to me lately) in more detail soon.

I wanted to at least mention this to acknowledge their views and give some assurance of my intent to cover this.

House-Keeping

There are a bunch of third party articles that I need to give coverage to (and will do in the week ahead) as well as some minor corrections (wrong dates, etc) in the corpus that I will be fixing before the weekend. These changes don't impact on anything and are just being made for sake of accuracy. I'll post a log of the changes made, for reference, when complete.

Updates from July 25th, 2018

New article:

It is important to acknowledge and report on new, verifiable discoveries no matter which perspectives or theories they support and there's no denying that a recent discovery does go, to some degree, in favor of the RussiaGate proponents.

There is more to add but I will do a full recap of recent media coverage surrounding Guccifer 2.0 and related topics soon.

For any that have noticed that Guccifer 2.0's twitter account was suspended around the time the indictment was issues - you can find links to independently archived copies of tweets in the timeline and the contents of these are also in the corpus.

Putting aside the likelihood that the GRU would use ToR or similar routing technologies in addition to making sure their point-of-origin was unattributable, the assertion that the GRU would use a commercial Russian VPN service to hide their Russian origins is hilarious.

Seems the Daily Beast can be relied on by spooks to promote baseless 'gaslighting' efforts.

Updates from February 17th, 2018

Most of Guccifer 2.0's First Batch of Documents Were Constructed With GMT+3 Timezone Set

Recently a new blog has emerged featuring some new analysis of the DataStore and other elements of Guccifer 2.0's first batch of documents. The evidence found does suggest that while editing his first 3 documents Guccifer 2.0's local timezone setting was GMT+3, the same as Moscow as well as Crimea/East Ukraine and Romania (accounting for daylight savings time). However, there is some inconsistency when the other documents in the same batch are analyzed (something that the author of the blog hasn't got to yet it seems).

However, there are unsubstantiated claims in some of the articles there and some of the articles published initially made some claims that appear to have been misinterpretations made in analysis. Fortunately, the author has been responsive to criticism and resolved some of those issues already. A brief review will be published soon, if you want to check this out, it's: Loaded For Guccifer

Origin of Flood's Name Discovered - It's NOT From A Copy of MS-Word Being Used On June 15, 2016

While this new discovery will require some updates and corrections to a few articles and updates to the main page (oh joy!!)... it's not the only update/change/correction needed... there's also the fact that the Flood<->Biden<->West Wing office theory's viability has just been decimated by new evidence discovered by Forensicator.

I've written a very brief outline from my perspective of what I know has been discovered (just as an early warning so people know not to push the possibility of the Flood-Biden-WH-Ukraine meeting correlations):

Forensicator will be publishing a report that covers a lot more and explains in detail all the evidence found and various discoveries that make it clear that the true origin of Flood's name in Guccifer 2.0's documents has now been identified.

It's interesting how and why this was discovered... but that's a story for another day.

Updates from December 31st, 2017

A few updates have been made to the main page (for mobile devices), I'll get responsive CSS applied across most of the site over the next week or two.

ICYMI: My first article for Disobedient Media was published on December 26th and was republished on Zero Hedge, The Duran, Gateway Pundit and other sites:

An over-zealous investigative journalist caused a panic with the previous hosts. While their technical director knew about my sites and was willing to take a stand against snooping the other director wasn't aware of anything and had an investigative journalist try to intimidate him. This caused a panic that ended up with service being terminated.

An article explaining what happened, who was behind it, what they did, the false accusations they've made, the slander made against me, the dishonest way they have described many decent independent media sites, their aggressive interrogative communications and more is prepared.

Introducing Duncan Campbell

There is currently a challenge being made by Duncan Campbell regarding the conclusion about EDT timezones in Forensicator's study of the NGP-VAN archive. However, I question the strength of this challenge and the motives of the challenger. We'll cover this in more detail soon.

Campbell has also said he's written to Stephen McIntyre regarding an issue relating to WInRar 4.2. To quote him:

"Mr Binney and I have written to Mr McIntyre several times, asking him to review his suggestion that WinRAR v4.2 displays time zone settings. He has not replied. WinRAR 4.2 does not display any time zone setting when used to open compressed files. Do you agree? If not, please explain your reasoning and observations"

Stephen McIntyre, responding within minutes via Twitter DM, has stated he hasn't received communications from Duncan Campbell and has asked him to re-send.

Correction: Assange Did NOT Draw Distinction on Hacks versus Leaks - It's just a common misconception.

Dear reader, I owe you an apology... I made a mistake... a correction has been made to the main page.

I had wrote that Julian Assange had stated that publications were from leaks and not hacks. This isn't true. He hasn't actually made a statement specifically drawing that distinction. The article now states that Assange has implied the emails were leaked in contrast to Guccifer 2.0's claims that they were hacked.

Updates from December 14th, 2017

FAQs have had to be removed from the main page for now some articles may go to 403 errors temporarily due to restrictions with the new host. Will aim to get everything restored/resolved by the end of the weekend.

Recently, a fairly well known publication has decided to investigate the Guccifer 2.0 case, even including accounting for some of the research that has come out this year. While the stated intent is to learn the truth about Guccifer 2.0, we can only be sure of the objective when they publish.

I'll post an update when more is known about this.

I've written a new article that covers the absence of relevant evidence that came from CrowdStrike, about it's contradictory claims and the reason why incident-specific evidence should have been captured and reported on (even though nothing of that nature was published by CrowdStrike)

Some of you will have realized by now that a RussiaGate media campaign was launched recently, the results of which we've seen across the media over the last week.

It's probably fair to assume this was likely in response to Bill Binney (former NSA Technical Director) meeting with the CIA's Mike Pompeo to discuss some of the evidence discovered this year that conflicts with the mainstream RussiaGate narrative.

I've also added Raphael Satter's tweeted screen grab of part of a conversation he had with Guccifer 2.0 (Nothing new unfortunately, just the same claim he made elsewhere that he was WikiLeaks source, even stating that he doesn't know if/when WikiLeaks would publish - a strange claim to make considering WikiLeaks had already published emails that Guccifer 2.0 claimed to be the source of in the month before he stated this!)

Steve Cunningham has recently posted an article up titled: "Florida Journalist Has More DMs with Guccifer 2.0" showing that there were a few more DMs between Guccifer 2.0 and Aaron Nevins that I haven't archived and transcribed yet. - I will add these soon but for now, if you want to see the other DMs, go check out the article.

I will be making some adjustments regarding content flagged as disputed soon, more details on that in the next update.

Also:

further discoveries have been made both in relation to files and to an individual I've reported on previously, I won't go into detail for now as the data is still being parsed/validated/etc. but there will be some new information to report on soon.

someone has sent out FOIAs to DHS to request documents from agencies relating to the Guccifer 2.0 case, it's still at an early stage, if anything informative emerges I'll be sure to post an update with more details and copies of the documents received.
.

Updates from October 24th, 2017

It seems I'm around the 3000 mark on 'followers' on Twitter, so just want to say...

The support, assistance & encouragement from many of you has gone far beyond what the 'follower' title suggests, many of you are friends, co-contributors, fellow citizen journalists/researchers and so much more.

If nothing else, I owe many of you my gratitude, so, THANK YOU to everyone.

Regarding the road ahead, I'll be keeping the G2 site updated but will be looking to expand operations to deal with more than just Guccifer 2.0/RussiaGate in the New Year. I'm currently juggling with a few ideas relating to citizen journalism, independent media, accountability of mainstream media, detecting organized social media sockpuppetry and more.

For now though, there are a few more articles to write and publish.

The first of these will be posted here within the next 24 hours.

Updates from October 3rd, 2017

Washington Post published an article containing what I suspected to be specious claims.

Stephen McIntyre has been taking a closer look at the cf.7z archive (the archive released when Guccifer 2.0 claimed he had hacked the Clinton Foundation). However, contrary to my conclusions, McIntyre has made discoveries that he states are likely to be indicative of a genuine hack/hacker:

I've noticed some file modification timestamps in that archive from before the DNC was supposedly first hacked (Summer 2015) and am wondering whether we're seeing timestamp preservation, etc. in parts but haven't had time to analyze the files myself. I'll look into this during the week ahead.

Finally, last night, I published the results of a study conducted on Guccifer 2.0's Tweets and WordPress activity:

...then came news that Robert Mueller, the House & Senate Intelligence Committees, House & Senate Judiciary Committees as well as Deputy Attorney General Rod J Rosenstein had all been sent a report by Skip Holden notifying them of many of the discoveries made by independent researchers as well as a number of issues relating to the JAR and ICA reports from December 2016 and January of this year...

...this encouraged me to finally carry out the 5th of my escalation phases - to bring the issues to the attention of the international community via their embassies in my country (UK) - as well as keeping up with the usual chores...

Thanks goes out to Steve Cunningham for reminding me of a few G2 comms that needed adding.

Language analysis contents have been updated.
Two new sets of DMs have been added.

Updates from August 28th, 2017

The first of these gives a good recap of some of the technical evidence that has come out this year. The second is Redacted Tonight, featuring comedian Lee Camp, covering the memos from VIPS members and the recent article that featured in The Nation.

I had been promising a positive, up-beat article, something more uplifting than bashing the writers that have been assailing Patrick Lawrence's article in The Nation lately, so, I've posted one covering all the good things that have happened lately, aptly titled "Thank You!"

There are more things I'm working on but the element of surprise would be ruined if I gave details out at this stage, so for strategic purposes, I'll give more details when those are complete (some time in the next couple of weeks).

You will also likely hear more from other parties in the very near future but I can't say how/when that will occur as it's not really a process that concerns me directly or that I have any direct involvement in.

Updates from August 14th, 2017

Have cleaned up the section regarding Warren Flood and improved quality in a few other areas thanks to some helpful advice and healthy criticism recently received.

I've posted up two new articles to dissent the dissent against the dissent of the fake Guccifer 2.0 narrative.:

Thank you to Skip Folden, Patrick Lawrence & all VIPS members for helping to get this information to the surface.
Thanks also to The Nation & Leonid Bershidsky (Bloomberg View) for reporting on this.

h/t: u/tvor_22, whose analysis of RSIDs helped validate the deliberate process used to taint the documents..

FORENSICATOR ANALYSIS: INTERNET CONNECTION SPEEDS

Regardless of any download speeds achievable on the Internet today, the following points still apply::

1) The speeds observed are most consistent with USB2.0 transfer speeds.
2) There are FAT filesystem anomalies in the files (such as you'd get from moving files to a USB stick)
3) The timestamps remained persistently in the Eastern timezone.

Updates from August 6th, 2017

I've posted a new article up titled "Guccifer 2.0 - Six Months In" that summarizes what has been discovered so far and covers topics including Forensicator, VIPS interest & memos, timestamp/meta-data integrity considerations, the various types of attacks being used to try to undermine reporting on the new discoveries (and how to handle them), various topics that should not be conflated with the Guccifer 2.0 persona (because such links aren't substantiated at all) and more.

There's a good video on YouTube via 'BlackPilled' that gives an overview of quite a few of the things covered on this site in a way that makes the information covered very easy to process, it may be handy for those that don't want to have to read a lot to get a good general overview of what is a complicated, multi-faceted subject:

I may be writing a few articles elsewhere soon about non-Guccifer 2.0 related topics.

I'll post an update here with the details as and when those are published.

Updates from July 16th, 2017

Forensicator Updates

The Forensicator's analysis has opened eyes, got people asking questions and several people have been replicating/validating (and trying to challenge) the findings. This, in turn, has given people more confidence on this topic..

Some recent videos covering this have come from H. A. Goodman and Tim Black (who discuss the findings on "No Sell Outs") as well as Rick Amato's Politics & Profit.

The site that first broke the news was, of course, Disobedient Media, an independent media outlet I personally witnessed have several staff work extremely hard, some losing sleep on multiple nights, just to make sure their reporting was concise and valid. - I can't thank them enough for giving Forensicator's analysis the coverage it deserved and perservering with a technical analysis that was essential for them to understand in order to report on it properly.

Some sites ran with it as-is and gave attribution without adding spin or unrelated topics into the equation. ZeroHedge was a good example of doing that well.

Unfortunately, there were many versions of the story that added partisan spin or engaged in baseless speculation about Seth Rich despite us cautioning against it!. - We cautioned against it for a good reason and by not heeding our advice, those that engaged in it did the opposite of helping get justice for Seth.

As some of you may know, over the past few weeks I've been in contact with someone who has been working on a digital forensics analysis of the NGP-VAN archive that was released by Guccifer 2.0 in September of 2016.

It's now time to introduce you to the site where you can find that analysis.

For those that can, please validate (or challenge, where relevant) the findings.

Washington Post & The Latest Deep State Propaganda
The new Washington Post article about Putin is a prime example of propaganda in the mainstream press, if I can find time I'll write an article breaking down the bs. For now, I'll just point out that the only real revelation in relation to Putin was that Brennan's source of intelligence (as opposed to evidence?) is a Kremlin insider. - Almost all of WAPO's revelations were actually about the activities of the Obama administration, intelligence agencies & USIC leaders (some of which have reputations for stone-walling, lying or worse).

Robbin Young DMs - Evidence Dispute Page Updated
I've updated the dispute page in relation to Robbin Young to include details of Robbin releasing new 'uncropped' DMs as well as subsequent analysis by Hannibal Moot (BullTruth Magazine).

Guccifer 2.0 : DNC/CrowdStrike's "Russian Hacker"
Besides my recent article that tries to make sense of Henry & Alperovitch's contradictory, specious claims in an article released on 14 June 2016, there are numerous reasons to suspect CrowdStrike of conspiring with the DNC leadership to create the fake Russian hacker persona. - I've listed 15 of them, along with a few other points here.

Guccifer 2.0 : Digital Forensics Analysis
Wouldn't it be interesting if there was something that could show G2 was likely to be operating in the Eastern Time zone and appeared to have initially collated files over a LAN connection? - Stay tuned...

Sources, contacts, followers & supporters:
Without the invaluable help & support I've had from many of you my efforts here would mean absolutely nothing and I would be invisible. Please know I really appreciate your help and that I don't take it for granted. Thank you to all of you for everything you do.

Yesterday, I also made a statement asserting that Shawn Henry and Dmitri Alperovitch are very likely behind Guccifer 2.0 or are connected to those behind the persona. - I've been sat with their names for over 2 months and considering the Washington Post article analyzed in the article above, it's hard, from my perspective and with all the research I've done over the last 6 months to see how it could have really been carried out by anyone else.

I'm currently working on an article covering deception, propaganda, manipulation & perception management (titled "Information Warfare & The Perception Management Industry"), once this is published, I will move on to publishing another new article in relation to further evidence that has been discovered.

New Disobedient Media Article
For any that haven't seen it yet, Disobedient Media have a new article out: "Did Guccifer 2.0 Fake “Russian Fingerprints?" and even if you don't want to read an article that covers the stuff I've been doing (understandable as you hear enough of that from me directly!!), you might want to check them out anyway as they've covered various topics that are likely to be of interest to quite a few people that visit this site.

In light of some very fair observations made in the article highlighted above, I have made some changes to the "Evidence of Intent" articles and references to them across the site so that the titles are now more specific to the scope of what the evidence there actually covers.

The "new" NGP-VAN archive going around - seems to be bloated by 400Mb through duplication (there are folders and archives of the same content within the new archive).

I did wonder if there was anything I might have missed so I also used UltraCompare on the two different directories (with all archives extracted) and that only resulted in discovery of the 4 unique files (the 'lock' files I'd mentioned on Twitter recently) which account for 367 bytes of the 400Mb increase.

NOTE: I was unaware of the source of this new archive until after I'd already initially inspected and commented on it. I will continue to refrain from offering any public opinion on the source and will just focus on information.

Relevant PSA: If you find a USB stick (as was claimed regarding the source of the new archive), consider the risks of malware. If you find it conveniently where you're the most likely person to discover it (eg. discarded on your driveway, outside your house, etc), be weary that it could have malware on it with you as the intended victim, it's a common method of infiltration because of human nature, people are curious and lot of people end up plugging it in (often to their main computer) to have a sneak peek at what's on it.

Having checked through Guccifer 2's first forty documents allegedly hacked from the DNC, @jimmysllama has discovered that there may be a problem with the premise they're from the DNC. - For more details check out the post at: https://jimmysllama.com/2017/05/28/9867/

Hannibal Moot of BullTruth magazine has been applying some well-placed skepticism to more DMs that have been published recently. - It turns out that the HelloFLA DMs exhibit the exact same anomaly that applied to Robbin Young's DMs.

UPDATE: I've attempted to contact HelloFLA via DMs to inquire about the anomaly observed, about the 250Mb and 2.5Gb discrepancies in reporting (250Mb was what he'd reported in the past but the reports that came out asynchronously across the MSM recently state 2.5Gb) & also about the exclusivity of the data in the DCCC documents (as it looks like most of it was based on data already available to both parties, so the notion of the turnout model, etc. being worth millions is highly questionable). (It's also far more relevant to congressional races than to the general election).

If someone throws a name at you as being an identity behind Guccifer 2.0, ask whether they would have had access and the capabilities demonstrated - not many will fit all 3.

Would that person have intentionally fabricated "Russian Fingerprints" on the first 5 documents they released in an effort to undermine leaks by framing them on Russia? (Did they have the motive or are they directly tied to someone that did have motive at that time?)

Would they have had any ability to access DNC documents without hacking? (G2's breach claims were discredited and could never be independently verified, yet he still had access to files AND could only ever get files from the Democratic party)

Would they be technically capable of carrying out a professional cyber-misdirection campaign that managed to fool the USIC & cyber-security industry for 8+ months? (What has now been exposed about Guccifer 2.0 suggests the operation involved counterintelligence and cyber-security expertise)